<?php
        
        
         include "./includes/config.inc.php";

   
   
    if ( $_POST['action'] == 'ok' ) {

        $id2 = $_SESSION["PHPAUCTION_LOGGED_IN"];

      $promocode = $_POST['TPL_promo'];
          $promocode  = substr($promocode, 0, 33);
      
             if ( $promocode ) {         
                  $query99 = "select * from PHPAUCTIONXL_promocode
         WHERE promocode='$promocode'";
$result = mysql_query($query99);

            if ( $result ) {
            
            
$num_auction = mysql_num_rows($result);
               
            if ( $num_auction > 0 ) {   
                    //echo $num_auction;              
       $prmoid 	= mysql_result($result,0,"id"); 
                                   //echo $prmoid;
$query999 = "select * from PHPAUCTIONXL_promocheck
         WHERE promoid='$prmoid' AND userid='$id2'";
$result999 = mysql_query($query999);
 
 
             if ( $result999 ) {
                         //echo $prmoid;
            
$num_auction999 = mysql_num_rows($result999);
                    // echo   $num_auction999;
            if ( $num_auction999 > 0 ) {   
                   
                   
                   $TPL_err = 1;
            $TPL_errmsg = $ENTER_PROMOCODE_ALREADY_USED;
 
 
                      }
 
 
                    
             
             if ( $num_auction999 == 0 ) {       
               
                    
 $free_sign_up_bids = mysql_result($result,0,"bids");   
                     // echo $free_sign_up_bids;
           $TPL_err = 1;
           
      $TPL_errmsg = $free_sign_up_bids; 
      $TPL_errmsg .= " ";    
 $TPL_errmsg .= $ENTER_PROMOCODE_ADDED;
      
      
      $user_id = $_SESSION["PHPAUCTION_LOGGED_IN"];
                            //echo $user_id;
               $query44 = mysql_fetch_array(mysql_query("SELECT bids_remaining FROM PHPAUCTIONXL_users WHERE id='$user_id'"));
     	  
     	$bids3 = $free_sign_up_bids + $query44['bids_remaining'];
     	                // echo $bids3; 
     	
     mysql_query("UPDATE PHPAUCTIONXL_users SET bids_remaining='$bids3' WHERE id='$user_id'");

          $query1 = "INSERT INTO PHPAUCTIONXL_promocheck VALUES";

$query1 .= "(NULL";
$query1 .= ",";
$query1 .= $user_id;
$query1 .= ",";
$query1 .= $prmoid;
$query1 .= ")";

   mysql_query($query1);


}
           
     }      
           
           
           
           
           
           
           
           
             


}
        
        else {
        
               $TPL_err = 1;
        $TPL_errmsg = $REGISETER_PAGE_PROMOCODE_INVALID;
        
}                
}
               


        require("header.php");
 require("themes/default/template_promocode_php.html");
  require("footer.php");




           }

            }

if ( !$_POST['action'] ) { 
 require("header.php");
 require("themes/default/template_promocode_php.html");
  require("footer.php");
      }

?>
